Based on this general information, your web team should be able to establish traffic thresholds so they can be alerted to unusually high numbers. When an unexplained or unplanned traffic surge starts happening, it’s time to call a web-security company or CDN provider.
Use Whitelists and Blacklists (Smartly) – It’s certainly good DDoS planning to use whitelists and blacklists to control who accesses your network. Just be careful not to overreact: don’t permanently blacklist every IP address that causes an alert, because false positives do happen.
To blacklist effectively, temporarily cut off dubious traffic and then observe the results. When some of the traffic attempts to reconnect a few moments later, it’s probably from legitimate users. Malicious traffic often switches IP addresses.
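
An added example (not part of the original article) of the temporary-block approach described above: a source that exceeds a request threshold is blocked for a limited time only, and a review step lists which blocked addresses tried to reconnect and which went quiet. The class name, threshold, window and block duration are assumptions chosen for illustration, and the traffic is constructed.

```python
from collections import defaultdict, deque

class TempBlocklist:
    """Time-limited blocks plus a record of which blocked IPs tried again."""

    def __init__(self, threshold=3, window=10, ttl=60):  # illustrative values
        self.threshold, self.window, self.ttl = threshold, window, ttl
        self.hits = defaultdict(deque)  # ip -> timestamps inside the window
        self.blocked_until = {}         # ip -> time the block lapses
        self.ever_blocked = set()
        self.retried = set()            # blocked IPs seen again during a block

    def observe(self, ts, ip):
        """Return 'allow', 'block' (new temporary block) or 'drop'."""
        until = self.blocked_until.get(ip)
        if until is not None:
            if ts < until:
                self.retried.add(ip)
                return "drop"
            del self.blocked_until[ip]  # block lapsed; nothing is permanent
            self.hits[ip].clear()
        q = self.hits[ip]
        q.append(ts)
        while q[0] <= ts - self.window:  # discard hits older than the window
            q.popleft()
        if len(q) > self.threshold:
            self.blocked_until[ip] = ts + self.ttl
            self.ever_blocked.add(ip)
            return "block"
        return "allow"

    def review(self):
        """Split blocked IPs into those that came back and those that went quiet."""
        back = sorted(self.retried)
        quiet = sorted(self.ever_blocked - self.retried)
        return {"reconnected": back, "silent": quiet}

# Constructed sample traffic: (seconds, source IP) from documentation ranges.
EVENTS = [(0, "203.0.113.7"), (0, "198.51.100.9"), (0, "192.0.2.5"),
          (1, "203.0.113.7"), (1, "198.51.100.9"), (2, "203.0.113.7"),
          (2, "198.51.100.9"), (3, "203.0.113.7"), (3, "198.51.100.9"),
          (20, "203.0.113.7"), (30, "192.0.2.5"), (70, "203.0.113.7")]

def replay(events):
    bl = TempBlocklist()
    decisions = [(ts, ip, bl.observe(ts, ip)) for ts, ip in events]
    return decisions, bl.review()

if __name__ == "__main__":
    decisions, summary = replay(EVENTS)
    for row in decisions:
        print(*row)
    print(summary)
```

Addresses in the "reconnected" list are the ones the article suggests are probably legitimate users and worth reviewing for release; the "silent" ones stay unblocked automatically once the timer lapses.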
Practice for a DDoS Incident – Coordinate with your web team to plan DDoS drills. Simulate an attack to determine the preparedness of your organization. This can be done during a time of “scheduled maintenance” so your customers aren’t caught off guard or inconvenienced by the simulated DDoS attack.
You could let your service desk know when you’ll run these simulated drills, or you might decide to keep them unaware as well. Either way, these tests are a good way to prepare your organization.
Actions to Take During a DDoS Attack
If you’re noticing sudden surges in traffic that can’t be explained, or worse – your site is down – here are some things to do in response.
Notify Your Web Hosting Provider – They might have seen the DDoS already, but you should contact them regardless. They may be able to stop malicious traffic. Also, ask the company to provide you with a new IP address.
Automate Client Communications – In the midst of a DDoS attack, you can bet with near certainty that your company’s service desk is going to be barraged by communications. Emails, phone calls, and social media complaints invariably accompany major service disruptions. To manage this heavy influx, you’ll want to automate your communications.
In situations like these, it’s wise to set up a status page that shows whether your website is running or not. You should also consider creating DDoS communications that are sent automatically to customers who contact you. The communications should tell your customers that your service is down for the moment and that your team is working hard to restore the site as fast as possible. Also, link them to the status page mentioned above.
Clear Your Logs Immediately – During an attack, your servers, unified threat management devices, and firewalls are straining to log every single DDoS request. All these platforms can quickly fail under the sheer volume of malicious activity. When one fails, it can cause a domino effect across all linked systems. Before this happens, dump your logs as soon as you know you’re under a DDoS attack – especially if the logs are no longer providing you with any meaningful information.
What to Do After the DDoS Attack
Be Transparent with Your Customers – Write a document that serves as an “incident report” to your customers. They deserve to be kept in the loop. The report you create should openly and honestly explain everything that happened, and the steps your company took to respond. It should also spell out how you’ll be more prepared to prevent further DDoS attacks.
At first, this incident report should be written in layman’s terms that anybody can understand. Then, you can get into the more technical details later in the report for those customers who might want such depth.
Ask Some Important Post-Event Questions – When the smoke of the DDoS attack clears, the next step is to find some answers.
Do you know who likely carried out the attack? Perhaps it was done by hacktivists who want to make a statement, or maybe it was just a case of cyber vandalism. In some cases, DDoS attacks are carried out by competitors, or even personal rivals of the business’ founder.
Also, it’s important to answer the how question. How did the hackers hit your site? What kind of DDoS attack was this? The more you can find out, the easier it will be to prevent future attacks.
The Time is Now!
Your business doesn’t have to be a “sitting duck,” vulnerably waiting to be hit by a DDoS attack. A bit of foresight and planning can prevent a bad situation from becoming catastrophic.
In case your website does happen to fall prey to hackers, even with all your preparation, it’s important to remember: If you panic over the situation, your thinking and decision-making skills will not be as clear as usual.
If you find yourself in the middle of a DDoS battlefield, take a step back. Breathe deeply and gain some perspective. It’s not a life-or-death situation, nor is it a permanent one. Unexpected problems are just the cost of doing business. And this is no different.
Preparing for an attack beforehand will lessen the blow should hackers strike. Making smart decisions and working with your hosting company during an attack will resolve the situation as quickly as possible. And being honest and transparent afterward will help you regain trust.
How ready are you for a possible DDoS incident? The time to prepare is now.